Merge pull request #2290 from intel/dependabot/github_actions/github-actions-39ea21d35a

mythi · web-flow · commit ed8dfab80e2c · 2026-05-26T09:23:18.000+03:00
build(deps): bump the github-actions group with 3 updates
diff --git a/.github/workflows/lib-codeql.yaml b/.github/workflows/lib-codeql.yaml
@@ -29,11 +29,11 @@ jobs:
         sudo apt-get update
         sudo apt-get install -y libze1 libze-dev
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v3
+      uses: github/codeql-action/init@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v3
       with:
         languages: 'go'
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v3
+      uses: github/codeql-action/analyze@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v3
       with:
         category: "/language:go"
diff --git a/.github/workflows/lib-publish.yaml b/.github/workflows/lib-publish.yaml
@@ -100,7 +100,7 @@ jobs:
         if: ${{ !contains(fromJson(env.no_base_check), matrix.image) }}
         run: IMG=${{ inputs.registry }}/${{ matrix.image }}:${{ inputs.image_tag }} make test-image-base-layer BUILDER=docker
       - name: Login
-        uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0
+        uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
         with:
           username: ${{ secrets.DOCKERHUB_USER }}
           password: ${{ secrets.DOCKERHUB_PASS }}
diff --git a/.github/workflows/lib-scorecard.yaml b/.github/workflows/lib-scorecard.yaml
@@ -26,6 +26,6 @@ jobs:
           results_format: sarif
           publish_results: true
       - name: "Upload results to security"
-        uses: github/codeql-action/upload-sarif@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v3
+        uses: github/codeql-action/upload-sarif@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v3
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/lib-validate.yaml b/.github/workflows/lib-validate.yaml
@@ -44,7 +44,7 @@ jobs:
           sudo apt-get update
           sudo apt-get install -y libze1 libze-dev
       - name: golangci-lint
-        uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v7
+        uses: golangci/golangci-lint-action@82606bf257cbaff209d206a39f5134f0cfbfd2ee # v7
         with:
           version: v2.9.0
           args: -v --timeout 5m
diff --git a/.github/workflows/trivy-periodic.yaml b/.github/workflows/trivy-periodic.yaml
@@ -31,6 +31,6 @@ jobs:
         format: sarif
         output: trivy-report.sarif
     - name: Upload sarif report to GitHub Security tab
-      uses: github/codeql-action/upload-sarif@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v3
+      uses: github/codeql-action/upload-sarif@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v3
       with:
         sarif_file: trivy-report.sarif
